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WHAT IS CLAIMED IS : 

1 . A method for implementing security features at a portal server, 
comprising: 

receiving a first request from a client; 

in response to receiving the first request, authenticating the client; 

consulting a database to determine access privileges of the authenticated client for 
interactions with a plurality of applications, wherein the applications are located at 
backend servers; 

generating code containing selectable interactions with the applications, wherein 
any authentication for the selectable interactions can be performed within the portal 
server; and 

sending the code to the client. 

2. The method of claim 1, further comprising: 

responsive to sending the code to the client, receiving a second request from the 
client, wherein the second request contains a selection of at least one of the selectable 
interactions; 

determining from the selection a set of backend servers to process the second 
request; 

forwarding the second request to the set of backend servers; 
receiving results corresponding to the request from applications executing on the 
backend servers; and 

sending the results to the client. 
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3. The method of claim 2, wherein sending the results to the client further 
comprises: 

generating further selectable interactions; and 

sending the further selectable interactions with the results to the client. 

4. The method of claim 1 , wherein the portal server is a Web server and the 
portal server comprises a portal application. 

5. The method of claim 1, wherein the database comprises a plurality of 
generic objects, wherein each generic object contains the access privileges related to a 
user for the elements of the plurality of applications. 

6. The method of claim 5, wherein the access privileges indicate write access. 

7. The method of claim 5, wherein the database is in the form of a table. 

8. The method of claim 1 wherein the code is in a form that can be rendered 
into a Web page. 

9. The method of claim 8, wherein the form of the code is comprised of 
active code, wherein the active code can be executed on the client. 

10. The method of claim 1 , wherein the selectable interactions correspond to 
operations within the applications. 

1 1 . The method of claim 1 , wherein the selectable interactions correspond to 
resources related to the applications. 
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12. The method of claim 11, wherein the resources are selected from the group 
consisting of multimedia content, objects, files, attributes of objects, program elements, 
database objects, table entries. 

13. A method at a backend system for securely making available a backend 
application, comprising: 

creating data structures corresponding to interactions with the backend 
application; 

associating privileges for each of the data structures, wherein the privileges can be 
fully checked at a portal application separately hosted from the backend application; 

receiving a request from the portal application for reading the data structures; and 
sending the data structures to the portal application. 

14. The method of claim 13, further comprising: 

receiving a request for an interaction with the backend application from the portal 
application; 

processing the request without checking for the privileges; and 
sending the results of processing the request to the portal server. 

15. The method of claim 13, wherein the data structures are data objects. 

16. The method of claim 13, wherein a representation of the data structure is 
from the group consisting of a relational database, an XML document and a class. 

17. The method of claim 13, wherein the interactions are operations that can 
be performed on the backend application. 

1 8. The method of claim 13, wherein the interactions relate to resources 
associated with the background application. 
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1 19. A method for accessing a group of applications at a client computer 

2 comprising: 

3 authenticating with a portal server; 

4 receiving a list of applications and interactions that can be performed with the 

5 applications from the portal server, wherein the applications are stored at backend servers 

6 that are different from the portal server; 

7 selecting an interaction; and 

8 receiving results based on the selection of the interaction without authenticating 

9 with the backend servers. 

1 20. The method of claim 1 9, wherein receiving the results further comprises 

2 receiving a set of further interactions selectable by the client. 

1 21. The method of claim 19, wherein authenticating, receiving the list, 

2 selecting, and receiving results are at a Web browser. 

1 22. A system for implementing security features, comprising: 

2 a portal server; 

3 means for receiving a first request from a client at the portal server; 

4 means for authenticating the client, in response to receiving the first request; 

5 means for consulting a database to determine access privileges of the 

6 authenticated client for interactions with a plurality of applications, wherein the 

7 applications are located at backend servers; 

8 means for generating code containing selectable interactions with the applications, 

9 wherein any authentication for the selectable interactions can be performed within the 

10 portal server; and 

1 1 means for sending the code to the client. 
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23 . The system of claim 22 , further comprising: 

means for receiving a second request from the client in response to sending the 
code to the client, wherein the second request contains a selection of at least one of the 
selectable interactions; 

means for determining from the selection a set of backend servers to process the 
second request; 

means for forwarding the second request to the set of backend servers; 
means for receiving results corresponding to the request from applications 
executing on the backend servers; and 

means for sending the results to the client. 

24. The system of claim 23 , wherein the means for sending the results to the 
client further performs: 

generating further selectable interactions; and 

sending the further selectable interactions with the results to the client. 

25. The system of claim 22, wherein the database comprises a plurality of 
generic objects, wherein each generic object contains the access privileges related to a 
user for the elements of the plurality of applications. 

26. A system for securely making available a backend application, comprising: 
a backend system hosting the backend application; 

means for creating data structures at the backend system corresponding to 
interactions with the backend application; 

means for associating privileges for each of the data structures, wherein the 
privileges can be fully checked at a portal application separately hosted from the backend 
application; 

means for receiving a request from the portal application for reading the data 
structures; and 

means for sending the data structures to the portal application. 
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27. The system of claim 26, further comprising: 

means for receiving a request for an interaction with the backend application from 
the portal application; 

means for processing the request without checking for the privileges; and 
means for sending the results of processing the request to the portal server. 

28. A system for accessing a group of applications comprising: 
a client computer; 

means for authenticating with a portal server from the client computer; 

means for receiving a list of applications and interactions that can be performed 
with the applications from the portal server, wherein the applications are stored at 
backend servers that are different from the portal server; 

means for selecting an interaction; and 

means for receiving results based on the selection of the interaction without 
authenticating with the backend servers. 

29. The system of claim 28, wherein the means for receiving the results further 
performs receiving a set of further interactions selectable by the client. 
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1 30. An article of manufacture including code for implementing security 

2 features at a portal server, wherein the code is capable of causing operations, the 

3 operations comprising: 

4 receiving a first request from a client; 

5 in response to receiving the first request, authenticating the client; 

6 consulting a database to determine access privileges of the authenticated client for 

7 interactions with a plurality of applications, wherein the applications are located at 

8 backend servers; 

9 generating code containing selectable interactions with the applications, wherein 

10 any authentication for the selectable interactions can be performed within the portal 

11 server; and 

12 sending the code to the client. 

1 31. The article of manufacture of claim 30, further comprising: 

2 responsive to sending the code to the client, receiving a second request from the 

3 client, wherein the second request contains a selection of at least one of the selectable 

4 interactions; 

5 determining from the selection a set of backend servers to process the second 

6 request; 

7 forwarding the second request to the set of backend servers; 

8 receiving results corresponding to the request from applications executing on the 

9 backend servers; and 

1 0 sending the results to the client. 
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1 32. The article of manufacture of claim 31, wherein sending the results to the 

2 client further comprises: 

3 generating further selectable interactions; and 

4 sending the further selectable interactions with the results to the client. 

1 33 . The article of manufacture of claim 30, wherein the portal server is a Web 

2 server and the portal server comprises a portal application. 

1 34. The article of manufacture of claim 30, wherein the database comprises a 

2 plurality of generic objects, wherein each generic object contains the access privileges 

3 related to a user for the elements of the plurality of applications. 

1 35 . The article of manufacture of claim 34, wherein the access privileges 

2 indicate write access. 

1 36. The article of manufacture of claim 34, wherein the database is in the 

2 form of a table. 

1 37. The article of manufacture of claim 30 wherein the code is in a form that 

2 can be rendered into a Web page. 

1 38. The article of manufacture of claim 37, wherein the form of the code is 

2 comprised of active code, wherein the active code can be executed on the client. 
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39. The article of manufacture of claim 30, wherein the selectable interactions 
correspond to operations within the applications. 
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40. The article of manufacture of claim 30, wherein the selectable interactions 
correspond to resources related to the applications. 

4 1 . The article of manufacture of claim 40, wherein the resources are selected 
from the group consisting of multimedia content, objects, files, attributes of objects, 
program elements, database objects, table entries. 

42. An article of manufacture, including code for securely making available a 
backend application at a backend system, wherein the code is capable of causing 
operations, the operations comprising: 

creating data structures corresponding to interactions with the backend 
application; 

associating privileges for each of the data structures, wherein the privileges can be 
fully checked at a portal application separately hosted from the backend application; 

receiving a request from the portal application for reading the data structures; and 
sending the data structures to the portal application. 

43. The article of manufacture of claim 42, further comprising: 

receiving a request for an interaction with the backend application from the portal 
application; 

processing the request without checking for the privileges; and 
sending the results of processing the request to the portal server. 

44. The article of manufacture of claim 42, wherein the data structures are data 
objects. 
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45. The article of manufacture of claim 42, wherein a representation of the 
data structure is from the group consisting of a relational database, an XML document 
and a class. 

46. The article of manufacture of claim 42, wherein the interactions are 
operations that can be performed on the backend application. 

47. The article of manufacture of claim 42, wherein the interactions relate to 
resources associated with the background application. 

48. An article of manufacture, including code for accessing a group of 
applications at a client computer, wherein the code is capable of causing operations, the 
operations comprising: 

authenticating with a portal server; 

receiving a list of applications and interactions that can be performed with the 
applications from the portal server, wherein the applications are stored at backend servers 
that are different from the portal server; 

selecting an interaction; and 

receiving results based on the selection of the interaction without authenticating 
with the backend servers. 

49. The article of manufacture of claim 48, wherein receiving the results 
further comprises receiving a set of further interactions selectable by the client. 

50. The article of manufacture of claim 48, wherein authenticating, receiving 
the list, selecting, and receiving results are at a Web browser. 



